Table of Contents
Advertisement
Security Services Implemented Within Oracle HTTP Server
Using mod_ossl Directives to Configure Client Authentication
This section provides instructions on how you can use the directives mentioned
earlier to set up configurations that enable you to use client certificates for
authenticating clients. Following are some scenarios:
I
I
8-32 Oracle HTTP Server Administrator's Guide
Authenticating clients based on certificates when all clients are known.
The server wallet has imported the CA certificate which signed all the client
certificates.
For example, specify the following directives in the httpd.conf file:
SSLVerifyClient require
Authenticating for a particular URL based on certificates, while allowing
arbitrary clients to access the rest of the server
To enable this, use the per-directory reconfiguration feature of mod_ossl.
Session re-negotiation enables an SSL session to be re-negotiated with a client
after the initial request and URL have been read. This is only supported for
requests that do not contain body data, such as GET requests.
See Also:
"Classes of Directives"
I
mod_ssl documentation.
I
For example, specify the following directives in the httpd.conf file:
<Location /secure/area>
SSLVerifyClient require
</Location>
on page 2-3 for more information.
Advertisement
Table of Contents
